CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
APT24 Deploys BADAUDIO in Years-Long Espionage Hitting Taiwan and 1,000+ Domains
A China-nexus threat actor known as APT24 has been observed using a previously undocumented malware dubbed BADAUDIO to establish persistent remote access to compromised networks as part of a nearly th ...
-
CybersecurityNews
Critical ASUSTOR Vulnerability Let Attackers Execute Malicious Code with Elevated Privileges
A critical security vulnerability has been discovered in ASUSTOR backup and synchronization software, allowing attackers to execute malicious code with elevated system privileges. The flaw, tracked as ...
-
The Cyber Express
CERT-In Warns of Critical Asus Router Flaw Exposing Millions in India
According to the Indian Computer Emergency Response Team (CERT-In), thousands of households, small offices, and service providers across the country may already be at risk due to a newly uncovered aut ...
-
CybersecurityNews
SonicOS SSLVPN Vulnerability Let Attackers Crash the Firewall Remotely
SonicWall has disclosed a critical stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. That allows remote unauthenticated attackers to crash firewalls through denial-of-service at ...
-
CybersecurityNews
Oracle Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The notorious Clop ransomware gang has listed Oracle on its dark web leak site, alleging a successful breach of the tech giant’s internal systems. This development is part of a massive extortion campa ...
-
Daily CyberSecurity
Critical WSUS RCE (CVE-2025-59287) Actively Exploited to Deploy ShadowPad Backdoor
The AhnLab Security Intelligence Center (ASEC) has uncovered an active exploitation campaign in which threat actors weaponized a newly disclosed remote code execution (RCE) vulnerability in Microsoft ...
-
Daily CyberSecurity
SonicWall Warns of New SonicOS SSLVPN Pre-Auth Buffer Overflow Vulnerability (CVE-2025-40601)
SonicWall has issued a security advisory for a newly identified pre-authentication stack-based buffer overflow vulnerability in its SonicOS SSLVPN service. Tracked as CVE-2025-40601 and assigned a CVS ...
-
The Cyber Express
Stolen VPN Credentials Most Common Ransomware Attack Vector
Compromised VPN credentials are the most common initial access vector for ransomware attacks, according to a new report. Nearly half of ransomware attacks in the third quarter abused compromised VPN c ...
-
The Hacker News
ShadowRay 2.0 Exploits Unpatched Ray Flaw to Build Self-Spreading GPU Cryptomining Botnet
Nov 20, 2025Ravie LakshmananVulnerability / Cloud Computing Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) f ...
-
BleepingComputer
GlobalProtect VPN portals probed with 2.3 million scan sessions
Malicious scanning activity targeting Palo Alto Networks GlobalProtect VPN login portals has increased 40 times in 24 hours, indicating a coordinated campaign. Real-time intelligence company GreyNoise ...